The website acceptance job in Travis will fail for non-chef-github
users because we use encrypted environment variables. This job
should never hold up an accepted PR, so I'm moving it to the
allowed_failures section.
Signed-off-by: Adam Leff <adam@leff.co>
Since the command to enable them is different, also make that change in
the output based on the shell used.
Signed-off-by: Nathan L Smith <smith@chef.io>
The CLI formatter is not currently honoring the --no-color flag
when outputting CLI output. This change cleans up how we format
with color and properly support the flag for use cases where
color-encoding characters make the output difficult to use
(i.e. when someone redirects CLI output to a text file for
sharing with others).
Signed-off-by: Adam Leff <adam@leff.co>
This adds an oracle_session resource similar to the existing resource
for MySQL and MSSQL. It assumes the sqlplus tool is installed and in
the path of the user InSpec connects as.
Signed-off-by: Nolan Davidson <ndavidson@chef.io>
Running `inspec exec` with --sudo locally produces unintended results
given that we cannot escalate local Ruby methods after we're already
running. --sudo is meant to only be used with remote targets. We do
not currently enforce that.
This change will print an error for the user if they attempt to use
--sudo with a local exec and exit non-zero.
Signed-off-by: Adam Leff <adam@leff.co>
The file resource's `#content` method will return nil if the file
cannot be read for permissions issues. If you try to run a profile
that uses the `xinetd` resource without sudo privileges, InSpec
would try to call `#empty` on nil.
This change fixes this issue by checking for nil before checking
for emptiness.
Signed-off-by: Adam Leff <adam@leff.co>
RedCarpet table rendering was not enabled, and we need to treat
the resource names as code to avoid resources with two underscores
from being rendered as partial italics.
Signed-off-by: Adam Leff <adam@leff.co>
The exit status would never return "InSpec run completed successfully"
since the value of $RC was always an integer which never was prefixed
with an "x". This checks the return directly since we currently do not
have any complex logic which warrants the need to check different
return status values where a prefixed return code is necessary.
Signed-off-by: Ryan Hass <rhass@users.noreply.github.com>
inspec.io is now hosted by Fastly which operates as a caching reverse
proxy. This change adds a Rake task that will flush the cache at Fastly
if the API key and Service ID are set in the appropriate environment
variables.
Flushing the cache is not required, so this will not error out if the
environment variables aren't provided; the cache will eventually clear
on its own. This will simply speed along the process as needed.
Signed-off-by: Adam Leff <adam@leff.co>
* Fixed bug with install step where profile would include the .hart
files from previous builds.
* Updated the generated plan to support plan.sh syntax changes in
habitat 0.21.0 and later by removing the `pkg_source` and the
`do_download`, `do_verify`, and `do_unpack` overrides.
* Updated the generate run hook to leverage habitat to perform most of
the origin, package name, and path variable interpolations.
Signed-off-by: Ryan Hass <rhass@users.noreply.github.com>
Runtime of `hab pkg exec chef/inspec` changes the path for the inspec
runtime to match that of the inspec hab package. This makes it so tests
which need to execute things like `hab pkg path myorigin/mypath` in the
can profile/test can successfully execute the command.
Signed-off-by: Ryan Hass <rhass@users.noreply.github.com>
InSpec is "appbundled" into the ChefDK which means users can't
simply run `chef gem install inspec` and get an updated InSpec.
`appbundle-updater` exists to combat this and, when run, will
pull the source and install the gem using `rake install`.
In the appbundle-updater config, we'll want to exclude unnecessary
gems from getting installed, such as the "tests" group. Our Rakefile
doesn't work without the "tests" group being installed.
This change makes the Rakefile usuable when the "tests" gems aren't
available.
Signed-off-by: Adam Leff <adam@leff.co>
Even though I couldn't find any docs around include_dir accepting anything other than a string I left the existing functionality alone.
This forces include_dir to check multiple directories as well as single string directories for additional conf files.
Signed-off-by: Elliott Davis <edavis@chef.io>